Php 如何在symfony2中保护除登录页面以外的所有页面?
我想通过FOSUserBundle登录来保护整个网站。我试着设置安全措施。我喜欢这样Php 如何在symfony2中保护除登录页面以外的所有页面?,php,symfony,yaml,fosuserbundle,Php,Symfony,Yaml,Fosuserbundle,我想通过FOSUserBundle登录来保护整个网站。我试着设置安全措施。我喜欢这样 security: encoders: Symfony\Component\Security\Core\User\User: plaintext FOS\UserBundle\Model\UserInterface: sha512 role_hierarchy: ROLE_ADMIN: ROLE_USER ROLE_SUPER_ADMIN: [ROLE_USER,
security:
encoders:
Symfony\Component\Security\Core\User\User: plaintext
FOS\UserBundle\Model\UserInterface: sha512
role_hierarchy:
ROLE_ADMIN: ROLE_USER
ROLE_SUPER_ADMIN: [ROLE_USER, ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH]
providers:
fos_userbundle:
id: fos_user.user_manager
firewalls:
main:
pattern: ^/
form_login:
check_path: /login_check
login_path: /login
provider: fos_userbundle
always_use_default_target_path: true
default_target_path: /dashboard
logout:
path: /logout
target: /
anonymous: ~
#http_basic:
# realm: "Secured Demo Area"
access_control:
- { path: ^/demo/secured/hello/admin/, roles: ROLE_ADMIN }
#- { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY, requires_channel: https }
但是我不知道在config.yml中设置什么
这是我的config.yml
imports:
- { resource: parameters.yml }
- { resource: security.yml }
framework:
#esi: ~
translator: ~
secret: %secret%
router:
resource: "%kernel.root_dir%/config/routing.yml"
strict_requirements: ~
form: ~
csrf_protection: ~
validation: { enable_annotations: true }
templating:
engines: ['twig']
#assets_version: SomeVersionScheme
default_locale: "%locale%"
trusted_proxies: ~
session: ~
fragments: ~
http_method_override: true
# Twig Configuration
twig:
debug: %kernel.debug%
strict_variables: %kernel.debug%
# Assetic Configuration
assetic:
debug: %kernel.debug%
use_controller: false
bundles: [ ]
#java: /usr/bin/java
filters:
cssrewrite: ~
#closure:
# jar: %kernel.root_dir%/Resources/java/compiler.jar
#yui_css:
# jar: %kernel.root_dir%/Resources/java/yuicompressor-2.4.7.jar
# Doctrine Configuration
doctrine:
dbal:
driver: %database_driver%
host: %database_host%
port: %database_port%
dbname: %database_name%
user: %database_user%
password: %database_password%
charset: UTF8
# if using pdo_sqlite as your database driver, add the path in parameters.yml
# e.g. database_path: %kernel.root_dir%/data/data.db3
# path: %database_path%
orm:
auto_generate_proxy_classes: %kernel.debug%
auto_mapping: true
# Swiftmailer Configuration
swiftmailer:
transport: %mailer_transport%
host: %mailer_host%
username: %mailer_user%
password: %mailer_password%
spool: { type: memory }
fos_user:
db_driver: orm # other valid values are 'mongodb', 'couchdb' and 'propel'
firewall_name: main
user_class: Dashboard\UserBundle\Entity\User
这是我的控制器
<?php
namespace Proposals\ProposalsBundle\Controller;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Bundle\FrameworkBundle\Controller\Controller;
use Proposals\ProposalsBundle\Entity\Proposals;
use Proposals\ProposalsBundle\Form\ProposalsType;
/**
* Proposals controller.
*
*/
class ProposalsController extends Controller
{
/**
* Lists all Proposals entities.
*
*/
public function indexAction()
{
$em = $this->getDoctrine()->getManager();
$entities = $em->getRepository('ProposalsProposalsBundle:Proposals')->findAll();
return $this->render('ProposalsProposalsBundle:Proposals:index.html.twig', array(
'entities' => $entities,
));
}
每次都一样,没有人盯着文档。韦恩。但对于你的垃圾邮件,你不应该得到答案,但这是不公平的^^
security:
firewalls:
main:
pattern: ^/
# other settings
anonymous: true
access_control:
- { path: ^/login$, role: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/, role: ROLE_USER }
移动到此URLlocalhost/QuickBacklog/web/app_dev.php/dashboard
您必须在security.yml中添加这样的内容
firewalls:
main:
pattern: ^/
form_login:
provider: fos_userbundle
default_target_path: /dashboard/
logout:
........
invalidate_session: false
anonymous: ~
在路由文件中
applicationlogin_success:
pattern: /dashboard/
defaults: { _controller: SampleBundle:Default:FrontPage }
通过使用默认的目标路径:路由模式,你将重定向它…从你的security.yml中删除“匿名:~”。您还需要取消最后一行(^/login,roles:IS_AUTHENTICATED_ANONYMOUSLY)的注释,然后启动该项目,但它没有运行PLZ停止垃圾邮件…或者您的生活是否依赖于此问题的解决方案?;)当我登录时,它将移动到而不是移动到